Session restore allows fingerprinting of users by choice of open tabs
This is a Firefox privacy problem that so far has not been considered of interest for Tor Browser since only "Private Browsing" is considered safe.
Thus they will find themselves experiencing a browser or computer crash and be thankful to recover all the tabs when reopening the browser. The privacy bugfix that would be useful at this point is to modify Firefox's session resume in such a way that not only the tabs are loaded when accessed (which is already the default) but to also not access all the sites in the tabs just to have a neat favicon to display (considering also that the disk cache should have them already).
All there is to do is to disallow those outgoing HTTP requests during session restore.
This comes in a series of bug/enhancement requests relating to the purpose of making Tor Browser also support the bulk surveillance threat model, not just the targeted surveillance threat model (which includes distrusting the local computer and hard disk). In order to address bulk surveillance, Tor Browser needs to become an acceptable choice for mainstream users and work on its market share. This is reasonable because none of the existing mainstream browsers fill that role, they all support the surveillance apparatus.